<?
if (!$lSessionStarted)
	session_start();
$tplTellAFriend=new TplLoad;
$tplTellAFriend->assign("phpself",$_SERVER['PHP_SELF']);
if ($set_contact_login_need)
	check_valid_user("");


$lAdId=getParamInt("id","");
$lSenderEmail = getParam("sender_email","");
$lComment=getParam("comments","");
$lAdOwnerName=getParam("name","");

if ($set_img_validation==1)
	$tplTellAFriend->assign("image_validation",1);

$sql = "select ad_title from $ads_tbl where ad_id=$lAdId";
$r = q($sql);
$row = mysql_fetch_array($r);
$lAdTitle = $row["ad_title"];
	
// Refereer information
$legal = 0;
$y = 0;
$lServerRef = explode("/",getenv("HTTP_REFERER"));
	
if (getParam("submit",""))
{
	$ad_url = "http://$set_url/" . linkDetail($lAdId);
	$check_spam = 0;
	$sql="select user_email,user_id,ad_title from $usr_tbl,$ads_tbl where ad_id=$lAdId AND ad_owner=user_id";
	$res=q($sql);
	$row_email=mysql_fetch_array($res);
	$lSendTo=getParam("rec_email","");
	$lUserId=$row_email["user_id"];
	$lAdTitle=$row_email["ad_title"];
	$errorStr="";
	
	$tplTellAFriend->assign("rec_email",strEnc(getParam("rec_email","")));
	$tplTellAFriend->assign("sender_email",strEnc(getParam("sender_email","")));
	$tplTellAFriend->assign("comments",strEnc(getParam("comments","")));
	$tplTellAFriend->assign("id",getParamInt("id",""));
	
	if ($lSendTo=="")
		$errorStr.="<li>".LA_ERROR_MSG5."</li>";
		
	if (!validEmail(getParam("sender_email","")))
		$errorStr.="<li>".LA_ERROR_MSG21."</li>";
		
	if (getParam("sender_email","")=="")
		$errorStr.="<li>".LA_ERROR_MSG8."</li>";	

	if (!empty($set_ref) && !eregi("$set_ref",".$lServerRef[2]."))
		$errorStr.="<li>".LA_REF_FAILED."</li>";	
		
		
	if ($_SESSION["tellfriend"] == "$lSenderEmail$lSendTo$ad_url" && isset($_SESSION["tellfriend"]))
		$errorStr.="<li>".LA_NO_SPAM."</li>";		
	
		
	if (getParam("validate_sign","")=="" && $set_img_validation)	
		$errorStr.="<li>".LA_IMG_VER_FAILED."</li>";
	
	if (($_SESSION["validate_sign_session"] <> $_REQUEST["validate_sign"] && $set_img_validation))		
		$errorStr.="<li>".LA_IMG_VER_FAILED."</li>";	
		
	
	if (empty($errorStr))
	{
		$tplTellAFriend->assign("submit_ok",1);
		$tplTellAFriend->assign("ad_reciever",$lSendTo);
		$_SESSION["tellfriend"] = "$lSenderEmail$lSendTo$ad_url";
		
		$lContactArray=array("","$lSendTo","","$set_sitename","".getRemoteIp()."","http://$set_url/". linkDetail($lAdId),"$lAdTitle","$lSenderEmail","$lComment");
		$lSubject = formatString(LA_MAIL_TELLAFRIEND_SUBJECT, $lContactArray);
		$lBody = formatString(LA_MAIL_TELLAFRIEND_BODY, $lContactArray);
		if($lSubject=="")
		{
				$lSubject = $lSenderEmail." ".getParam("subject","");			
		}
		//$lBody=getParam("comments","no hay mensaje");
		sendEmail($lSendTo, $lSenderEmail, $lSubject, $lBody);
		
		addToHistory(4,$lUserId,"","");
		$tplTellAFriend->assign("ad_id","$lAdId");
   }
   else 
	$tplTellAFriend->assign("submit_fail","$errorStr");	

}
else
{
	$tplTellAFriend->assign("id","$lAdId");
	
	if ($_SESSION["valid_user"]!="") // If a userid is found, get name, email etc. of the person you try to contact
	{
		// Owner of this ad
		$lSqlTell = "select user_name,user_email from $usr_tbl where user_id = ".round($_SESSION["valid_user"])." limit 1";
		$lResultTell = q ($lSqlTell);
		$lRowTell = mysql_fetch_array($lResultTell);
		$lTellEmail=$lRowTell["user_email"];
		$tplTellAFriend->assign("sender_email",$lTellEmail);
	}	
		
}

		
$tplTellAFriend->display("tellafriend.tpl");	
?>

